[英]SSL on subdomain and primary domain - ehost
I have issue with my provider - ehost. 我的提供者有问题-ehost。
I have wildcard certificate. 我有通配符证书。 I wanted to first test it before I go live.
我想先测试一下再上线。 So I request to install it on subdomain first (uat.domain.com).
因此,我要求先将其安装在子域(uat.domain.com)上。 I have tested application and want to go live.
我已经测试过应用程序,并且想要上线。 Provider said that it is impossible to install certificate on primary domain (domain.com) because they have installed it first on subdomain.
提供商说,不可能在主域(domain.com)上安装证书,因为他们首先在子域上安装了证书。
Of course they have offered me to buy certificate from them. 当然,他们提供了我从他们那里购买证书的服务。
I really don't understand the issue can someone tell me if they have right or not? 我真的不明白这个问题,有人可以告诉我他们是否正确? I thought that is possible even to take the certficate from ehost and send it to another provider and install it.
我认为甚至可以从ehost取得证书并将其发送给另一提供商并安装它。 The certificate is now installed on Apache Server and folders to subdomain and primary domain are in the same server.
现在,证书已安装在Apache服务器上,子域和主域的文件夹位于同一服务器中。
Without looking at the actual configuration it is hard to tell, but to answer your question, if they say it is impossible, that is because they are just using 1 VirtualHost in their server. 如果不看实际配置,很难说,但是要回答您的问题(如果他们说不可能),那是因为他们在服务器中仅使用1个VirtualHost。
Generally shared hosting have these kind of issues because they dedicate 1 single instance of Apache to many different clients and have 1 virtualhost per client, but this is just guessing you need to check this is what currently happening. 通常,共享托管会出现此类问题,因为它们将Apache的一个实例专用于许多不同的客户端,并且每个客户端具有1个虚拟主机,但这只是猜测您需要检查当前情况。
But I can also describe how Apache works so you understand what may be happening: 但是我还可以描述Apache的工作方式,以便您了解可能发生的情况:
If the Apache configuration has different virtualhosts, you can have as many different certificates, wildcards and whatnot, as virtualhosts you have. 如果Apache配置具有不同的虚拟主机,则可以拥有与虚拟主机一样多的不同证书,通配符和其他内容。
This is, 1 certificate per VirtualHost. 这是每个VirtualHost 1个证书。
But that is not all, if you have several different domain or subdomain names this is when you need to carefully plan how you must configure them. 但这还不是全部,如果您有几个不同的域名或子域名,那么这是您需要仔细计划如何配置它们的时候。
For instance 例如
If you have defined this virtualhost first: 如果先定义了此虚拟主机,则:
<VirtualHost *:443>
ServerName example.com
ServerAlias *.example.com
</VirtualHost>
No other virtualhosts for whatever.example.com or example.com will apply or be used since this virtualhost will grab all the requests for those names. 不会应用或使用any.example.com或example.com的其他虚拟主机,因为此虚拟主机将捕获对这些名称的所有请求。
But if you have: 但是,如果您有:
<VirtualHost *:443>
ServerName domain.com
</VirtualHost>
And now you need to define a virtualhost with a new wildcard certificate for your subdomain, you can perfectly do using the new wildcard certificate for *.example.com: 现在,您需要为您的子域定义一个带有新通配符证书的虚拟主机,您可以完美地将新通配符证书用于* .example.com:
<VirtualHost *:443>
ServerName xxxxx.example.com
</VirtualHost>
and can now define more virtualhosts if you want/need with the same wildcard cert for *.example.com: 并且现在可以定义更多虚拟主机,如果您希望/需要为* .example.com使用相同的通配符证书:
<VirtualHost *:443>
ServerName yyyyy.example.com
</VirtualHost>
Note these are stripped down virtualhost examples (obviously your virtualhosts will have more directives inside them, specially the ones loading the key and certificates, etc). 请注意,这些是简化的virtualhost示例(显然,您的虚拟主机中将包含更多指令,尤其是那些加载密钥和证书的指令)。
And briefly, things you need to consider: 简要地说,您需要考虑的事项:
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.